The challenge is that identifying what are valid packets vs. DDoS packets is sometimes difficult (particularly if they are coming from different source IP addresses). This is even more difficult with UDP because it is stateless - there are no sessions to track and it becomes harder for automated systems to determine what are "good" vs. "bad" packets.
Using tcpdump is a good start; you might also enable VPC Flow Logs and try to create some NACLs or Security Group rules to drop traffic from known bad sources. While using iptables is good, it also consumes CPU resources on your instance(s) - having those packets dropped before they get to the instance(s) is better.
I'd strongly recommend engaging with the AWS support team. They are in a position to perform more in-depth examination and to assist.
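
Added example, not part of the original answer: one way to turn VPC Flow Logs into a short list of sources to review for a NACL deny rule, by ranking source addresses by accepted UDP packets per second. It assumes the default (version 2) flow log record format; the sample records, the `pps_threshold` and `limit` parameters, and the function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample records in the default (version 2) VPC Flow Logs format:
# version account-id interface-id srcaddr dstaddr srcport dstport protocol
# packets bytes start end action log-status
SAMPLE_FLOW_LOGS = """\
2 123456789012 eni-0a1b2c3d 198.51.100.7 10.0.1.20 53211 27015 17 48000 3072000 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 198.51.100.7 10.0.1.20 53212 27015 17 52000 3328000 1700000060 1700000120 ACCEPT OK
2 123456789012 eni-0a1b2c3d 203.0.113.45 10.0.1.20 40022 27015 17 120 9600 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 192.0.2.10 10.0.1.20 44321 443 6 900 540000 1700000000 1700000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 203.0.113.99 10.0.1.20 5000 27015 17 75000 4800000 1700000000 1700000060 REJECT OK
2 123456789012 eni-0a1b2c3d - - - - - - - 1700000060 1700000120 - NODATA
"""

UDP = "17"  # IANA protocol number as it appears in the protocol field


def udp_packets_per_second(log_text):
    """Return {srcaddr: mean accepted UDP packets/second over its capture windows}."""
    packets = defaultdict(int)
    seconds = defaultdict(int)
    for line in log_text.splitlines():
        f = line.split()
        # Skip malformed lines and NODATA/SKIPDATA records (fields are "-").
        if len(f) != 14 or f[13] != "OK":
            continue
        # REJECT records are already dropped before the instance; only
        # accepted UDP traffic still reaches it and costs CPU there.
        if f[7] != UDP or f[12] != "ACCEPT":
            continue
        packets[f[3]] += int(f[8])
        seconds[f[3]] += max(int(f[11]) - int(f[10]), 1)
    return {src: packets[src] / seconds[src] for src in packets}


def deny_candidates(log_text, pps_threshold=500, limit=10):
    """Sources at or above the threshold, highest rate first, capped at limit."""
    rates = udp_packets_per_second(log_text)
    noisy = [(src, pps) for src, pps in rates.items() if pps >= pps_threshold]
    noisy.sort(key=lambda item: item[1], reverse=True)
    return noisy[:limit]


if __name__ == "__main__":
    for src, pps in deny_candidates(SAMPLE_FLOW_LOGS):
        print(f"{src}/32  {pps:.0f} pps")
```

A high packet rate alone does not prove a source is hostile, so the output is a review list rather than a block list; the threshold has to be set against what legitimate clients of the service normally send.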